Improved network anomaly detection system using optimized autoencoder - LSTM

Intrusion detection (ID) gives security in network traffic or system activities monitors to detect suspicious activities, behavior, potential attacks, or unauthorized access. IDs are crucial in cybersecurity, as organizations identify and respond to threats before they cause harm. The anomaly-based detection method is a popular and challenging research area in identifying new threats. So, this study focuses on developing an efficient network anomaly-based detection approach. It can establish a baseline for normal behavior and flag deviations from this baseline as potential threats. So, it can detect new or unknown attacks that deviate from standard traffic patterns. The study's main objective is to reduce the false positive rate and improve the class imbalance issues in the data. So, an optimized Deep Learning (DL) model is developed to detect new threats and reduce the false positive rate in the present ID systems. The DL model combines the Long Short-Term Memory (LSTM) with the Autoencoder model, where the auto-encoder learns normal patterns, while LSTM handles sequential dependencies in the data. Moreover, the LSTM model performance is optimized using Particle Swarm Optimization (PSO). The performance of the DL model is evaluated with existing IDS methods and the results shows that the proposed model achieves maximum detection accuracy rate of 0.9989.